Alertra SecureSite™
Security Vulnerability Assessment (Part 3 of 3)
Prev | 1 | 2 | 3 | Next
Can I be 100% secure?
It is not possible to verify that any complex system is 100% secure. Our vulnerability scans, using the de facto industry leading products, will catch a very large number of potential problems. But there are many other security issues to consider, not just whether or not the software you run has any vulnerabilities. Vulnerability scanning needs to be part of your defenses, but you should also practice defense in depth.
The goal in security is to raise the bar for unauthorized use of your systems as high as possible given the resources and risk exposure. You do this by creating layers of security, both passive and active, that any attacker has to get through to be successful. If done right, chances are that while an attacker may breach a layer of security, they likely will not have done it without drawing attention to themselves.
Vulnerability scanning, by itself, will not make you any more or less secure. What it will do is audit your systems to give you ideas on where you need to raise the bar. You can raise the bar by installing patches, changing access permissions, removing services, etc. Even if you are not doing vulnerability scans of your network, you can be sure someone is. DSheild's sensors only cover a small part of the Internet and they recorded 187 million attacks and scans just last week.
How do I get started?
Vulnerability scans can, to a system administrator, look just like an attack. The scan itself is performing many of the activities an attacker would, scanning for ports, sending probe packets, and crafting URLs. The vulnerability report itself is quite sensitive. Because of this, Alertra does not allow our customers to scan just any IP addresses.
To get a vulnerability scan set up, submit this order form to list the IPs you want to scan and to certify that you own or have permission to scan the systems at those IPs. Once we verify the information, we will set up the scan and send you a notice that it is ready to go.
Because these scans can look like an attack, it is a very good idea to let your ISP know what you are doing. If they operate an intrusion-detection system it will likely flag our scans as an attack. In the event that our ISP receives a complaint about a scan, we will suspend scanning of that IP until the matter can be straightened out with the customer and the ISP.
Summary
Vulnerability scanning is a very good method of determining the exposure you have to attacks against your network. Alertra's SecureSite™ service uses the industry leading Nessus platform to perform scans of your network and report the results to you. Since we host the Nessus software, there is nothing for you to install, configure, or maintain. We will scan your systems and send full and difference reports to you after each scan.
The clock starts ticking as soon as a vulnerability is discovered. How many vulnerabilities have been discovered while you've been reading this article?
Prev | 1 | 2 | 3 | Next
Not logged in.
